Risk Management Program
The MSRB Board of Directors is responsible for ensuring that risks associated with activities undertaken in the pursuit of the organization’s mission are understood and managed consistent with the MSRB’s risk appetite and through appropriate internal controls. The Board also ensures that risks are considered in the MSRB’s strategic planning and objective-setting activities.
As a statutorily created self-regulatory organization, the MSRB has a very low risk appetite for risks of not meeting its obligations under the Securities Exchange Act, Securities and Exchange Commission rules and orders, accurate and reliable financial reporting, and other applicable laws, rules and regulations. In choosing, developing and operating other programs and services to advance its mission and policy objectives, the MSRB is willing to accept a moderate level of risk from uncertainties that cannot be reasonably eliminated. In pursuing these opportunities, the MSRB does not accept risks that might threaten its ability to fulfill its statutory mandates.
To manage the organization consistent with its risk appetite, the MSRB engages in a structured risk management program that seeks to address risks and opportunities effectively across all departments and at the organizational level. The program also seeks to strengthen the internal control environment and accountability, ensure responsible stewardship of all MSRB assets and generate information to support strategic and operational decision-making.
MSRB management is responsible for managing risk in the day-to-day activities of each functional area of the organization and fostering an awareness of risk by all employees. Management also identifies, monitors and manages strategic risks and ensures that resources are prioritized to provide appropriate responses to organizational risks that are identified. MSRB’s Chief Executive Officer is accountable for the risk management program and the MSRB’s Chief Risk Officer is responsible for execution of the program.
The Board of Directors approves and reviews at least annually the MSRB’s risk management policy, including the statement of risk appetite, as recommended by the Audit and Risk Committee. The Board also provides recommendations regarding organizational risks annually and on an ongoing basis through Board discussion. The Audit and Risk Committee monitors top organization-wide risks reported by management on an ongoing basis to ensure that risk responses are in accordance with the Board’s risk appetite.
The Board reviews the organization’s top risk report annually and receives interim reports throughout the year from the Audit and Risk Committee.